<?php
	session_start();
    
    ob_start(); // Xoá ký tự đệm đầu trang, dùng để chạy Header("Location: ...");
	
    define("ALLOW", 1);
	
    function __autoload($class_name)
	{
		include_once('../classes/'.strtolower($class_name).'.php');
	}
//get the posted values
$TenDangNhap = htmlspecialchars($_POST['TenDangNhap'],ENT_QUOTES);
$MatKhau = md5($_POST['MatKhau']);

//now validating the username and password
$nguoidung = new nguoidungbs();
$nguoidung->TenDangNhap = $TenDangNhap;
$nguoidung->MatKhau = $MatKhau;
$ret_nguoidung = $nguoidung->GetListUser();
if(count($ret_nguoidung) == 1)
{
    if(strcmp($ret_nguoidung[0]['QuyenHan'],1)==0)
    {
        echo "yes";
		//now set the session from here if needed
		//$_SESSION['login'] = $row['TenNguoiDung']; 
        //$_SESSION['info'] = array();
        //$_SESSION['info'][] = $TenDangNhap;
        /*$_SESSION['info'][] = $row['Email'];
        $_SESSION['info'][] = $row['QuyenHan'];
        $_SESSION['info'][] = $row['Khoa'];*/
        $_SESSION['TenDangNhap'] = $TenDangNhap;
    }
    else
        echo "no"; //Invalid Login
}
else
    echo "no"; 
?>